lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-id: <554564654653216610@wsc.cz>
Date:	Wed, 27 Dec 2006 14:36:56 +0100 (CET)
From:	Jiri Slaby <jirislaby@...il.com>
To:	Sergei Organov <osv@...ad.com>
Cc:	<linux-kernel@...r.kernel.org>
Subject: Re: moxa serial driver testing

> Jiri Slaby <jirislaby@...il.com> writes:
> 
> > Could you test the patch below, if something changes?
> 
> Just tested with low_latency commented out. Still oopses:
> 
> BUG: unable to handle kernel NULL pointer dereference at virtual address 00000008
>  printing eip:
> f8f1730f
> *pde = 00000000
> Oops: 0000 [#1]
> SMP 
> Modules linked in: nvidia agpgart ipv6 nfs lockd nfs_acl sunrpc dm_mod sr_mod sbp2 ieee1394 ide_generic ide_disk e1000 snd_hda_intel snd_hda_codec snd_pcm_oss snd_mixer_oss snd_pcm snd_timer i2c_i801 tsdev psmouse snd soundcore snd_page_alloc i2c_core serio_raw parport_pc parport mxser_new evdev floppy pcspkr rtc ext3 jbd mbcache usb_storage usbhid ide_cd cdrom sd_mod uhci_hcd piix usbcore skge ata_piix libata scsi_mod generic ide_core thermal processor fan
> CPU:    0
> EIP:    0060:[<f8f1730f>]    Tainted: P      VLI
> EFLAGS: 00010046   (2.6.18-3-686 #1) 
> EIP is at mxser_receive_chars+0x21b/0x249 [mxser_new]

Yes, port->tty still somewhere becomes NULL -- does this patch help?

---

diff -Nrup mxser_newa/mxser_new.c mxser_newb/mxser_new.c
--- mxser_newa/mxser_new.c	2006-12-26 18:22:30.000000000 +0100
+++ mxser_newb/mxser_new.c	2006-12-27 14:26:22.000000000 +0100
@@ -2051,13 +2051,16 @@ static void mxser_wait_until_sent(struct
 void mxser_hangup(struct tty_struct *tty)
 {
 	struct mxser_port *info = tty->driver_data;
+	unsigned long flags;
 
 	mxser_flush_buffer(tty);
 	mxser_shutdown(info);
+	spin_lock_irqsave(&info->slock, flags);
 	info->event = 0;
 	info->count = 0;
 	info->flags &= ~ASYNC_NORMAL_ACTIVE;
 	info->tty = NULL;
+	spin_unlock_irqrestore(&info->slock, flags);
 	wake_up_interruptible(&info->open_wait);
 }
 
@@ -2263,8 +2266,6 @@ static irqreturn_t mxser_interrupt(int i
 			if (bits & irqbits)
 				continue;
 			port = &brd->ports[i];
-			if (!(port->flags & ASYNC_INITIALIZED))
-				continue;
 
 			int_cnt = 0;
 			spin_lock(&port->slock);
@@ -2274,7 +2275,9 @@ static irqreturn_t mxser_interrupt(int i
 					break;
 				iir &= MOXA_MUST_IIR_MASK;
 				if (!port->tty ||
-						(port->flags & ASYNC_CLOSING)) {
+						(port->flags & ASYNC_CLOSING) ||
+						!(port->flags &
+							ASYNC_INITIALIZED)) {
 					status = inb(port->ioaddr + UART_LSR);
 					outb(0x27, port->ioaddr + UART_FCR);
 					inb(port->ioaddr + UART_MSR);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ